NetBSD/pkgsrc ZAnTN9ydoc CHANGES-2026

   doc: Updated devel/bacon to 3.23.0
VersionDeltaFile
1.3132+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc c34KCEYdevel/bacon distinfo cargo-depends.mk

   devel/bacon: update to 3.23.0

    - scroll_anchor decides whether the scroll initially sticks with the first item (most common setting),
      with the last one, or to show most recent output lines unless there are errors in which case it show
      first items (by default in run jobs with auto) - Fix #384
      If you're using an old bacon.toml file, you may want to add scroll_anchor="auto" to jobs running
      the compiled executable.

    - show_command_error_code job parameter, which is true in default cargo run job - Fix #435
      When calling a lint or compilation tool, the exit status is usually not interesting: many tools report
      an error (i.e. a non zero code) as soon as there's an error, or even a warning (eg miri).
      That's why the error code isn't shown in bacon when there are also warnings, errors or test failures.
      But sometimes you do want to see such error, eg when running not just the compiler/linter but the program
      you're writing as in bacon run. In such case, you should set show_command_error_code=true.

    - fix a log message from the rodio library leaking to the interface - Fix #437 - Thanks @c-git
      When a user requires the ignoring of some/folder, they usually wants to ignore the content of that folder.
      So now we also generate a pattern with added /** when it seems relevant. - Fix #438
VersionDeltaFile
1.37+22-10devel/bacon/distinfo
1.36+6-2devel/bacon/cargo-depends.mk
1.38+2-2devel/bacon/Makefile
+30-143 files

NetBSD/src 8N4mBrmsys/opencrypto ocryptodev.c cryptodev.c

   crypto(4): Nix spurious mutex_exit; add missing bounds checks.

   Consistently use `foo = kmem_alloc(n * sizeof(*foo), ...)' instead of
   `sizeof(struct whatever_foo_is)'.  Makes it easier for a reader to
   notice a discrepancy this way.

   Move CRYPTODEV_OPS_MAX to cryptodev_internal.h so it can be used by
   the compat ocryptodev.c shims too.  I think this is waaaaaaaaaaaaay
   too high, by the way.  For example, it looks like qat(4) puts a limit
   of 16384 on the number of sessions.  Other devices like hifn(4) look
   like they're limited to numbers of sessions ranging from 2 to around
   256.

   PR kern/60281: crypto(4): bugs in reference counting and test
VersionDeltaFile
1.19+24-23sys/opencrypto/ocryptodev.c
1.133+13-14sys/opencrypto/cryptodev.c
1.5+16-2sys/opencrypto/cryptodev_internal.h
+53-393 files

NetBSD/pkgsrc 5x0jwzSnews/nn/patches patch-ak patch-digest.c

   deal with ctype functions faulting on invalid input on NetBSD 11
   (by making invalid input less likely)

   While at it add LICENSE
VersionDeltaFile
1.5+136-11news/nn/patches/patch-ak
1.1+96-0news/nn/patches/patch-digest.c
1.1+83-0news/nn/patches/patch-pack__date.c
1.1+72-0news/nn/patches/patch-options.c
1.1+71-0news/nn/patches/patch-match.c
1.4+64-5news/nn/patches/patch-au
+522-1625 files not shown
+1,486-5731 files

NetBSD/pkgsrc OFYVt6plicenses nn-license

   Add license file for news/nn
VersionDeltaFile
1.1+47-0licenses/nn-license
+47-01 files

NetBSD/pkgsrc XaXnUa5doc CHANGES-2026

   Updated shells/dash, security/adguardhome
VersionDeltaFile
1.3131+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc C5XnxjGsecurity/adguardhome distinfo go-modules.mk

   adguardhome: updated to 0.107.75

   0.107.75

   We’ve fixed a critical vulnerability affecting DNS-over-QUIC and DNS-over-HTTPS
   that could put your DNS privacy at risk. The gap is now closed, and your
   encrypted traffic is back to traveling through a properly armored tunnel.
VersionDeltaFile
1.8+19-19security/adguardhome/distinfo
1.6+4-4security/adguardhome/go-modules.mk
1.16+2-3security/adguardhome/Makefile
+25-263 files

NetBSD/pkgsrc IjHGaGnshells/dash distinfo Makefile

   dash: updated to 0.5.13.4

   0.5.13.4
   Bug fixes
VersionDeltaFile
1.19+4-4shells/dash/distinfo
1.20+2-2shells/dash/Makefile
+6-62 files

NetBSD/pkgsrc EuYmq3Sdoc CHANGES-2026

   Updated lang/py-python-discovery, mail/py-mail-parser
VersionDeltaFile
1.3130+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc lpfJnzUmail/py-mail-parser Makefile distinfo

   py-mail-parser: updated to 4.2.1

   4.2.0

   Use uv to manage packages
   Support for .id and .by top level domains in parse_received
   Fixed issue Parser behaving different on Linux vs Windows
   Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.13.0 in /.github/workflows
   General improvements
   Issue 146: Fix comma in encoded address header
   Refactor received header parsing: replace regex list with RFC 5321 to…
VersionDeltaFile
1.6+6-9mail/py-mail-parser/Makefile
1.5+4-4mail/py-mail-parser/distinfo
1.4+1-2mail/py-mail-parser/PLIST
+11-153 files

NetBSD/pkgsrc yx8NiDnlang/py-python-discovery distinfo Makefile

   py-python-discovery: updated to 1.3.1

   Bug fixes - 1.3.1
   - export normalize_isa and deprecate KNOWN_ARCHITECTURES
   - discover uv-managed Pythons on Windows. Previously the glob assumed Unix layout (``<root>/<key>/bin/python``) and
     silently found nothing on Windows, where uv places ``python.exe`` directly under the install root
   - Canonicalize GraalVM to match GraalPy Python interpreter in PythonSpec and PythonInfo.
VersionDeltaFile
1.6+4-4lang/py-python-discovery/distinfo
1.6+2-2lang/py-python-discovery/Makefile
+6-62 files

NetBSD/pkgsrc-wip 117b8c8markless distinfo Makefile

markless: update to 0.9.28.
DeltaFile
+3-3markless/distinfo
+1-1markless/Makefile
+4-42 files

NetBSD/pkgsrc Gw1wfPCdoc CHANGES-2026

   doc: Updated www/nginx to 1.30.1
VersionDeltaFile
1.3129+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc ox4GKxkwww/nginx distinfo Makefile

   nginx: Update to 1.30.1.

   Changes with nginx 1.30.1                                        13 May 2026

       *) Security: when using the "proxy_set_body" directive, an attacker
          might inject data in the proxied request to an HTTP/2 backend
          (CVE-2026-42926).
          Thanks to Mufeed VH of Winfunc Research.

       *) Security: a heap memory buffer overflow might occur in a worker
          process while handling a specially crafted request by
          ngx_http_rewrite_module, potentially resulting in arbitrary code
          execution (CVE-2026-42945).
          Thanks to Leo Lin.

       *) Security: a heap memory buffer overread might occur in a worker
          process while handling a specially crafted response by
          ngx_http_scgi_module or ngx_http_uwsgi_module, allowing an attacker
          to cause a disclosure of worker process memory or segmentation fault

    [27 lines not shown]
VersionDeltaFile
1.141+4-4www/nginx/distinfo
1.191+2-2www/nginx/Makefile
+6-62 files

NetBSD/pkgsrc Q2vc1Efdoc CHANGES-2026

   doc: Updated shells/oh-my-posh to 29.14.0
VersionDeltaFile
1.3128+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc ngvmUPVshells/oh-my-posh distinfo go-modules.mk

   shells/oh-my-posh: update to 29.14.0

   Bug Fixes

    - cli: check upgrade cache key in notice command (e59a704)
    - cli: use idiomatic ok and always close cache in notice (3428861)
    - cmd: defer notice to first prompt in Clink (2e68186), closes #7524

   Features

    - cli: add copilot command and copilot_cli segment (7bb5ba7)
    - upgrade: unlock oh-my-posh upgrade on FreeBSD (58c5598)
VersionDeltaFile
1.303+34-34shells/oh-my-posh/distinfo
1.129+10-10shells/oh-my-posh/go-modules.mk
1.333+2-2shells/oh-my-posh/Makefile
+46-463 files

NetBSD/src NHDvZNRsys/opencrypto cryptodev.c

   crypto(4): Omit needless locking in fcrypt_dtor.

   We must have exclusive access to the object for this function to work
   at all, so if removing the locks appeared to cause issues, it would
   necessarily happen only because there is a bug somewhere else.

   PR kern/60281: crypto(4): bugs in reference counting and test
VersionDeltaFile
1.132+2-4sys/opencrypto/cryptodev.c
+2-41 files

NetBSD/src GWQzCaCsys/opencrypto cryptodev.c cryptosoft.c, sys/rump/dev/lib/libopencrypto opencrypto_component.c OPENCRYPTO.ioconf

   crypto(4): Disentangle initialization and attachment goo.

   Lotta unnecessary boilerplate deleted here!

   Disable module unloading: can't be done safely.  Explain precisely
   why it can't be done safely.

   This also fixes annoying `crypto: unable to register devsw, error 17'
   messages in rump dmesg by having exactly one path to devsw_attach.

   PR kern/60281: crypto(4): bugs in reference counting and test
VersionDeltaFile
1.131+91-124sys/opencrypto/cryptodev.c
1.67+29-115sys/opencrypto/cryptosoft.c
1.7+10-39sys/rump/dev/lib/libopencrypto/opencrypto_component.c
1.14+6-1tests/crypto/opencrypto/t_opencrypto.sh
1.2+1-2sys/rump/dev/lib/libopencrypto/OPENCRYPTO.ioconf
+137-2815 files

NetBSD/src G2gBy2zsys/opencrypto cryptodev.c

   crypto(4): Fix missing membars on reference count release.

   If two threads A and B both hold references, we need to ensure that
   memory ops in thread A happen before memory free in thread B in:

   thread A                thread B                notes
   --------                --------                -----
   memory ops
   atomic_dec(&refcnt)                             goes from 2 to 1
                           atomic_dec(&refcnt)     goes from 1 to 0
                           memory free

   This requires a membar_release in thread A before the atomic_dec (or
   atomic_dec with memory_order_release), and a membar_acquire in thread
   B after the atomic_dec is found to have brought the reference count
   down to zero (or atomic_dec wiht memory_order_acquire).

   kern/60281: crypto(4): bugs in reference counting and test
VersionDeltaFile
1.130+4-2sys/opencrypto/cryptodev.c
+4-21 files

NetBSD/src ngEakn3sys/opencrypto cryptodev.c

   crypto(4): Take reference _before_ releasing the lock.

   Otherwise nothing ensures the object will still exist by the time we
   try to take the reference.

   Also guard against too many references, since this is only a 32-bit
   reference count.

   PR kern/60281: crypto(4): bugs in reference counting and test
VersionDeltaFile
1.129+6-3sys/opencrypto/cryptodev.c
+6-31 files

NetBSD/src 3HIGMFBtests/crypto/opencrypto h_thread.c t_opencrypto.sh

   crypto(4): Make test more reliable, and test more.

   1. New thread to concurrently create and destroy sessions.

      (There should really be multiple threads to concurrently compete
      with each other to create and destroy sessions, but this is
      already surfacing more crashes, as I expected.)

   2. Handle EBUSY in CIOCFSESSION in case there is a concurrent
      CIOCCRYPT, as we are trying to test.

   3. Handle CIOCCRYPT failure if a concurrent CIOCFSESSION beat us to
      it, as we are trying to test

   4. Dump core if the threads get stuck for too long.

   5. Provide stack traces from the test program or rump server if they
      dump core.

   PR kern/60281: crypto(4): bugs in reference counting and test
VersionDeltaFile
1.2+119-44tests/crypto/opencrypto/h_thread.c
1.13+9-1tests/crypto/opencrypto/t_opencrypto.sh
+128-452 files

NetBSD/pkgsrc lWfkuRkx11/kitty distinfo go-modules.mk, x11/kitty/patches patch-kitty_disk-cache.c

   kitty: update to 0.47.0

   - A new Drag and drop kitten to allow drag and drop of files from
     your shell to any GUI program even across SSH
   - A new option palette_generate to automatically generate the 256
     color palette from the first 16 colors
   - For builtin key mappings automatically fallback to matching the
     US-PC layout key when the pressed key has no matches and is a
     non-English character
   - Allow drag and drop of windows to re-arrange them, move them to
     another tab/OS Window or detach them into a new OS Window. See
     toggle_window_title_bars to temporarily show window title bars to
     drag them around
   - Have scroll_line_up and scroll_line_down smooth scroll by default.
     Can be restored to old behavior by re-mapping without the smooth
     argument
   - Draw a progress bar at the top of the window when a program
     reports progress using the OSC 9;4 escape sequence, controlled by
     progress_bar

    [94 lines not shown]
VersionDeltaFile
1.42+65-52x11/kitty/distinfo
1.18+21-17x11/kitty/go-modules.mk
1.38+24-4x11/kitty/PLIST
1.1+16-0x11/kitty/patches/patch-kitty_disk-cache.c
1.88+4-5x11/kitty/Makefile
+130-785 files

NetBSD/pkgsrc Jn9AKOudoc CHANGES-2026

   doc: Updated lang/ruby40 to 4.0.4
VersionDeltaFile
1.3127+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc Ge3CUXzlang/ruby rubyversion.mk, lang/ruby40 distinfo PLIST

   lang/ruby40: update to 4.0.4

   pkgsrc change:

   * Fix rdoc problem on C locale, backported from rdoc-7.0.4.
     (So, no need to patch a template file to character entity reference.)

   Ruby 4.0.4 (2026-05-11)

   * Bug #21955: Fiber#transfer: machine stack not released when fiber
     terminates, causing FiberError: can't set a guard page
   * Bug #21964: Fiber stack acquire can expand unnecessarily
   * Bug #21971: Fix regexp performance regression for patterns starting with
     s/k
   * Bug #21961: Marshal.load freeze option fail to freeze linked strings
   * Bug #21959: rb_internal_thread_event_hooks_rw_lock is not reinitialized
     after fork causing deadlocks
   * Bug #21954: NoMethodError instead of Gem::LoadError on gem activation
     problem in Ruby 4.0.2

    [16 lines not shown]
VersionDeltaFile
1.1+15-0lang/ruby40/patches/patch-.bundle_gems_rdoc-7.0.3_lib_rdoc_parser_c.rb
1.8+5-5lang/ruby40/distinfo
1.323+4-4lang/ruby/rubyversion.mk
1.3+3-1lang/ruby40/PLIST
1.2+1-1lang/ruby40/patches/patch-.bundle_gems_rdoc-7.0.3_lib_rdoc_generator_template_aliki___header.rhtml
+28-115 files

NetBSD/pkgsrc PDWLudRdoc CHANGES-2026

   doc: Updated lang/ruby34 to 3.4.9nb2
VersionDeltaFile
1.3126+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc O7GaJs9lang/ruby34 Makefile distinfo, lang/ruby34/patches patch-lib_rdoc_parser_c.rb

   lang/ruby34: improve rdoc

   * Fix rdoc problem on C locale, backported from rdoc-7.0.4.
   * Remove pkglint warning.

   Bump PKGREVISION.
VersionDeltaFile
1.1+15-0lang/ruby34/patches/patch-lib_rdoc_parser_c.rb
1.9+2-2lang/ruby34/Makefile
1.15+2-1lang/ruby34/distinfo
+19-33 files

NetBSD/pkgsrc mrRVW8Mdoc CHANGES-2026

   doc: Updated lang/ruby33 to 3.3.11nb2
VersionDeltaFile
1.3125+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc G9InE3Rlang/ruby33 Makefile distinfo, lang/ruby33/patches patch-lib_rdoc_parser_c.rb

   lang/ruby33: improve rdoc

   * Fix rdoc problem on C locale, backported from rdoc-7.0.4.
   * Remove pkglint warning.

   Bump PKGREVISION.
VersionDeltaFile
1.1+15-0lang/ruby33/patches/patch-lib_rdoc_parser_c.rb
1.12+5-5lang/ruby33/Makefile
1.18+2-1lang/ruby33/distinfo
+22-63 files

NetBSD/pkgsrc Bap45tUdoc CHANGES-2026

   Added misc/kdsingleapplication; Updated audio/strawberry
VersionDeltaFile
1.3124+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc AoXHxRKaudio/strawberry/patches patch-ext_strawberry-tagreader_CMakeLists.txt patch-src_CMakeLists.txt

   strawberry: remove unused patches
VersionDeltaFile
1.2+1-1audio/strawberry/patches/patch-ext_strawberry-tagreader_CMakeLists.txt
1.2+1-1audio/strawberry/patches/patch-src_CMakeLists.txt
1.3+1-1audio/strawberry/patches/patch-src_utilities_transliterate.cpp
+3-33 files